Installing SSL Certificates in Linux

Filed in by Ashleigh Davis | January 20, 2011 9:47 am

The IT resource for this post was Ryan Walker, a Rackspace Hosting Linux Administrator.

The importance of Internet security cannot be overstated. More and more consumers are turning to the Internet for purchases—a goldmine of potential data waiting to be hacked. With SSLs, private user information—such as credit card numbers—are scrambled before transmission and reassembled only with proper decryption keys. Doing so not only secures sensitive customer information, but is also a step in the direction of proper compliance.

Installation of the certificate is relatively straightforward for Linux servers, whether they use a Plesk control panel or not. The following provides a step-by-step process for installing your new or updated SSL certificate in Linux.

Installing SSL on Linux Servers with Plesk

(1) Login to the Plesk Control Panel, select domains, choose the domain to be updated then select the certificates section.

(2) Click “Add New Certificate” icon.

[1]

click thumbnail for larger view

(3) In “Certificate Name” box, enter filename you would like cert saved as.

Note: It is helpful to make the names something that is easy to identity, such as year of certificate and domain associated (i.e., 2011-www.my-domain.com).

(4) On your local computer, find the certificate and key files provided by your certificate authority. Open them with a text editor such as NotePad or gedit.

[2]

click thumbnail for larger view

(5) Copy the entire contents of each file and paste them in appropriate boxes in Plesk.

Note: Be sure to paste the contents of the files in the appropriate, corresponding boxes.

(6) Click “Send Text” when finished.

(7) Click “Setup” under the “Hosting” section of the domain screen. Choose the new certificate from the drop-down list and click “OK” when finished.

[3]

click thumbnail for larger view

Installing SSL on Linux Servers without Plesk

(1) Upload certificate and key files to the server using S/FTP.

(2) Login to the server via SSH and become the root user using the “su —“ command. Give the root password when prompted.

(3) Move the certificate file to /etc/httpd/conf/ssl.crt

(4) Move the key file to /etc/httpd/conf/ssl.key

Note: When trying to move the files, the ssl.crt and/or ssl.key directory may not exist, so you will need to create those first with a mkdir command.

[4]

click thumbnail for larger view

(5) You’ll want to ensure security of the files by restricting permission for the key using chmod 0400.

[5]

click thumbnail for larger view

(6) Edit the VirtualHost configuration for the domain. This is sually found in etc/httpd/conf.d/ssl.conf

Note: This will edit the SSLCertificateFile and SSLCertificateKeyFile to point to the correct directories with the actual files.